var jwt = require('jsonwebtoken');
module.exports = (options) => {
    return function* auth(next) {
        if(this.request.method!=='GET'){
            if(!this.request.header["callmesoul-token"]){
                this.response.status=401;
                this.response.body={error:"token无效或过期，禁止访问！"};
                return;
            }else {
                var decoded = jwt.verify(this.request.header["callmesoul-token"], this.locals.tokenScrect);
                if(decoded){
                    const user = yield this.model.User.findById(decoded.id);
                    if(user){
                        this.user=user;
                        yield next;
                    }else{
                        this.response.status=403;
                        this.response.body={error:"token无效或过期，禁止访问！"};
                        return;
                    }
                }else{
                    this.response.status=403;
                    this.response.body={error:"token无效或过期，禁止访问！"};
                    return;
                }
            }
        }else {
            yield next;
        }

    };
};